Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

1ea9add044...5c.exe

windows7-x64

8

1ea9add044...5c.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 20:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe

  • Size

    5.0MB

  • MD5

    d8e5be4f6cceb9d0b4e7a5c7bc454931

  • SHA1

    32c0facfa09ad99295bf1fd3d28920cd662c1942

  • SHA256

    1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c

  • SHA512

    1bbb54eb29df394c7025c12e8ed20e61d0236e84e41b3b99cfac2822231fd4f0181a91176b7aa824ab10bec10a916ffffbc80a36ed3b0860377e67622b3a22d1

  • SSDEEP

    98304:QLPIAN/nUeKbj+U+o4TTOM8KdzOJDb4v+B:LAN/W0nwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe
    "C:\Users\Admin\AppData\Local\Temp\1ea9add044dd71144465755edee384ca126169709ddd21f58b7679003ebb9a5c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    1d561e83fffbacb64d7cfad08f99de29

    SHA1

    23779297d753d5b6263c178f7f268d8bc1526982

    SHA256

    ce5c831720053016573cdd3c12a72f476d083c78499ae37a5228e94991eaceba

    SHA512

    a5988eb6f35bc6bfbdf06e6edecdef6298a2b253b23af0c6e78bdd21a27667be2f8464aeb8da043bcf6696cb6d5a91f841f80100c32e97e0643fb9c9313b67bf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    3b8e6626f849c7b90bd7ef0416ff5bf1

    SHA1

    e90b5d2dd2df99c19fc88a3e182236dac1c235cb

    SHA256

    bb7ad0e7d540f338d58cb9b27a702d9bd8be6b42ef37c9ca3c1c1730288d7947

    SHA512

    0cd8225d112d70d123b1d34392ee7f929a63fe5b9db26da5a288753c5fef6d3b68b933d7c013fc30040fdf5389ee4ab52f1cc36d5b08fa6e7696ffeb2d65eefe

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    9badd268285da2bd409e2614cf9f78fa

    SHA1

    7de9486a9e79217eb621c4d328a5ee89c6113410

    SHA256

    9b1e6119f44743fb89d7bf3dbdfeb71fd89d3c91b49ddb526c344cff1ce5e3b5

    SHA512

    b8ec32f5e3c305502add79324484bbf315ed5c0f36a143fc20d90003753b5b61e0d4ea4612cb9b832eebd22077d83f1237eb1604c4f6018d0db640a7b1e9a3e3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb92FC.tmp
    Filesize

    152.8MB

    MD5

    8d4ce8804f4d6330cb29ffef513fcbfa

    SHA1

    a812630d4693f93940cf3569b8576c1639ec0582

    SHA256

    bfa12ffae9a2d37d7a1ca279d38876590e1d00c09f2c4dd0a226bcb4032eb82b

    SHA512

    9860a0897f3511ce39cd0f446e7f6ee54d8936786abb9502f666df2d543d2b69376a8b4aebfd3e0097a829417fcf18bcf0225cb017bf0949c75dc23984cca2fe

    Download Submit